From: Duncan Roe <duncan_roe@optusnet.com.au>
To: netfilter-devel@vger.kernel.org
Cc: pablo@netfilter.org
Subject: [PATCH libnetfilter_queue v2 02/15] src: Convert nfq_open_nfnl() to use libmnl
Date: Fri, 24 May 2024 15:37:29 +1000 [thread overview]
Message-ID: <20240524053742.27294-3-duncan_roe@optusnet.com.au> (raw)
In-Reply-To: <20240524053742.27294-1-duncan_roe@optusnet.com.au>
__nfq_open_nfnl() manufactures a libmnl handle if called by
nfq_open_nfnl().
Replace calls to nfnl_subsys_open() and nfnl_callback_register() with
inline code.
Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au>
---
Changes in v2:
- Pretty much re-written as per updated commit message. In particular:
- Don't clear message sequencing - original didn't do that.
- Don't close the socket in any error path since it was open on entry.
src/libnetfilter_queue.c | 56 ++++++++++++++++++++++++++++++++--------
1 file changed, 45 insertions(+), 11 deletions(-)
diff --git a/src/libnetfilter_queue.c b/src/libnetfilter_queue.c
index f366198..bfb6482 100644
--- a/src/libnetfilter_queue.c
+++ b/src/libnetfilter_queue.c
@@ -484,33 +484,67 @@ static struct nfq_handle *__nfq_open_nfnl(struct nfnl_handle *nfnlh,
};
struct nfq_handle *h;
int err;
+ int i;
+ uint32_t new_subscriptions;
h = qh ? qh : calloc(1, sizeof(*h));
if (!h)
return NULL;
+ if (!qh) {
+ /* Manufacture the libmnl handle */
+ h->nl = calloc(1, sizeof(*h->nl));
+ if (!h->nl)
+ goto out_free;
+ h->nl->fd = nfnlh->fd;
+ h->nl->addr = nfnlh->local;
+ }
h->nfnlh = nfnlh;
- h->nfnlssh = nfnl_subsys_open(h->nfnlh, NFNL_SUBSYS_QUEUE,
- NFQNL_MSG_MAX, 0);
- if (!h->nfnlssh) {
+ /* Replace nfnl_subsys_open() with code adapted from libnfnetlink */
+ h->nfnlssh = &h->nfnlh->subsys[NFNL_SUBSYS_QUEUE];
+ if (h->nfnlssh->cb) {
+ errno = EBUSY;
+ goto out_free;
+ }
+ h->nfnlssh->cb = calloc(NFQNL_MSG_MAX, sizeof(*(h->nfnlssh->cb)));
+ if (!h->nfnlssh->cb) {
/* FIXME: nfq_errno */
goto out_free;
}
+ h->nfnlssh->nfnlh = h->nfnlh;
+ h->nfnlssh->cb_count = NFQNL_MSG_MAX;
+ h->nfnlssh->subsys_id = NFNL_SUBSYS_QUEUE;
+
+ /* Replacement code for recalc_rebind_subscriptions() */
+ new_subscriptions = nfnlh->subscriptions;
+ for (i = 0; i < NFNL_MAX_SUBSYS; i++)
+ new_subscriptions |= nfnlh->subsys[i].subscriptions;
+ nfnlh->local.nl_groups = new_subscriptions;
+ err = bind(nfnlh->fd, (struct sockaddr *)&nfnlh->local,
+ sizeof(nfnlh->local));
+ if (err == -1) {
+ free(h->nfnlssh->cb);
+ h->nfnlssh->cb = NULL;
+ goto out_free;
+ }
+ h->nfnlssh->subscriptions = new_subscriptions;
pkt_cb.data = h;
- err = nfnl_callback_register(h->nfnlssh, NFQNL_MSG_PACKET, &pkt_cb);
- if (err < 0) {
- nfq_errno = err;
- goto out_close;
- }
+ /* Replacement code for nfnl_callback_register()
+ * The only error return from nfnl_callback_register() is not possible
+ * here: NFQNL_MSG_PACKET (= 0) will be less than h->nfnlssh->cb_count
+ * (set to NFQNL_MSG_MAX (= 4) a few lines back).
+ */
+ memcpy(&h->nfnlssh->cb[NFQNL_MSG_PACKET], &pkt_cb, sizeof(pkt_cb));
return h;
-out_close:
- nfnl_subsys_close(h->nfnlssh);
out_free:
- if (!qh)
+ if (!qh) {
+ if (h->nl)
+ free(h->nl);
free(h);
+ }
return NULL;
}
--
2.35.8
next prev parent reply other threads:[~2024-05-24 5:37 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-24 5:37 [PATCH libnetfilter_queue v2 00/15] Convert libnetfilter_queue to not need libnfnetlink Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 01/15] src: Convert nfq_open() to use libmnl Duncan Roe
2024-05-24 5:37 ` Duncan Roe [this message]
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 03/15] src: Convert nfq_close() " Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 04/15] src: Convert nfq_create_queue(), nfq_bind_pf() & nfq_unbind_pf() " Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 05/15] src: Convert nfq_set_queue_flags(), nfq_set_queue_maxlen() & nfq_set_mode() " Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 06/15] src: Convert nfq_handle_packet(), nfq_get_secctx(), nfq_get_payload() and all the nfq_get_ functions " Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 07/15] src: Convert nfq_set_verdict() and nfq_set_verdict2() to use libmnl if there is no data Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 08/15] src: Incorporate nfnl_rcvbufsiz() in libnetfilter_queue Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 09/15] src: Convert nfq_fd() to use libmnl Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 10/15] src: Convert remaining nfq_* functions " Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 11/15] src: Copy nlif-related files from libnfnetlink Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 12/15] doc: Add iftable.c to the doxygen system Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 13/15] src: Convert all nlif_* functions to use libmnl Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 14/15] include: Use libmnl.h instead of libnfnetlink.h Duncan Roe
2024-05-24 5:37 ` [PATCH libnetfilter_queue v2 15/15] build: Remove libnfnetlink from the build Duncan Roe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240524053742.27294-3-duncan_roe@optusnet.com.au \
--to=duncan_roe@optusnet.com.au \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).